Bug 119984

Summary: groupdav resources stores (unused) password in clear text in .kde/share/config/kresources_groupwarerc
Product: [Unmaintained] kresources Reporter: Sebastian Reitenbach <itlistuser>
Component: groupdavAssignee: kdepim bugs <kdepim-bugs>
Status: RESOLVED UNMAINTAINED    
Severity: normal    
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: openSUSE   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Sebastian Reitenbach 2006-01-12 17:03:20 UTC 
Version:            (using KDE KDE 3.5.0)
Installed from:    SuSE RPMs
OS:                Linux

the entered password in a groupdav resource configuration window is stored in clear text in the following file:
~/.kde/share/config/kresources_groupwarerc

due to security concerns this is in no way good, especially as it is not used anyway:
http://bugs.kde.org/show_bug.cgi?id=100451

suggestion: remove the password entry field from the groupdave resource configuration interface. The http password authentication will popup and ask for a password. If I want to save it, the kdewallet is used then.
Comment 1 Reinhold Kainhofer 2006-11-02 19:06:49 UTC 
Reassigning all KOrganizer bug reports and wishes to the newly created 
korganizer-devel mailing list.
Comment 2 Christoph Cullmann 2024-08-11 18:08:27 UTC 
Dear reporter, the resources handling got redone for KF5 and KF6 based PIM applications.

If you still encounter the issues you had in the past, please report them to the current maintained and updated PIM applications you use

Thanks a lot!